Symmetric encryption
Tools
: gpg, openssl enc
算法
:DES,DES3,AES,Blowfish,Twofish,RC6,idea,CAST5
The command used for encryption:
openssl enc -des3 -a -salt -in /path/from/somefile -out /path/to/somecipherfile
Command used to decrypt:
openssl enc -d -des3 -a -salt -in /path/from/somecipherfile -out /path/to/somefile
Option Description
:
-a base64 process the data, process the data based on base64.
-salt use a salt in the key derivation routines. This is the default.
-in specifies the input file
-out specifies the output file
Two-way encryption
Features
:
1, one-way: one-way, irreversible
2. Collison-free: no conflict
Algorithm
:
1、md5:128bits
2、sha1:160bits
3、sha256:256bits
4、sha384:384bits
5、sha512:512bits
Encryption tool 1
: md5sum, sha1sum, openssl dgst, chsum
openssl dgst [-md5|-sha1] [-out /path/to/filename] /path/from/somefile
The signature codes obtained after using different tools to encrypt with the same encryption algorithm are the same.
When the -out option is used,
the signature can also be output to the specified file.
Encryption tool 2:
openssl passwd
openssl passwd -1 -salt SALT (specify salt, generally use random numbers)
-1 means to use md5 encryption, which is the number 1.
Execute the following command:
[root@localhost ~]# openssl passwd -1 -salt 123456
Password:
$1$123456$cVybQG8XqIO61wU3euEah0
Generate random number tool:
openssl rand
openssl rand -base64|-hex num
-hex Show the output as a hex string
By generating random numbers for salt, you do not need to enter the salt every time.
Generate key tool
: openssl genrsa
umask 077
openssl genrsa -out /path/to/keyfile NUMBEROFBITS
To produce a private key, the private key should only be authorized by the owner, so the umask should be specified as 077 when generating the private key file, and the permission of the created private key file should be 600.
Extract public key tool from private key
:
openssl rsa
openssl rsa -in /path/from/private_key_file -text -pubout